C# and Web Application Security Master Course

As a developer, your duty is to write bulletproof code. However…

What if we told you that despite all of your efforts, the code you have been writing your entire career is full of weaknesses you never knew existed? What if, as you are reading this, hackers were trying to break into your code? How likely would they be to succeed?

This Web application security course will change the way you look at code. A hands-on training during which we will teach you all of the attackers’ tricks and how to mitigate them, leaving you with no other feeling than the desire to know more.

It is your choice to be ahead of the pack, and be seen as a game changer in the fight against cybercrime.

Audience

§ Web Developers using C#

§ Software Architects

§ Testers

Course Objectives

Participants attending this course will:

§ Understand basic concepts of security, IT security and secure coding

§ Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them

§ Learn client-side vulnerabilities and secure coding practices

§ Understand the requirements of secure communication

§ Learn to use various security features of the .NET development environment

§ Have a practical understanding of cryptography

§ Learn about denial of service attacks and protections

§ Understand security concepts of Web services

§ Learn about XML security

§ Learn about JSON security

§ Understand essential security protocols

§ Understand some recent attacks against cryptosystems

§ Get information about some recent vulnerabilities in .NET and ASP.NET

§ Learn about typical coding mistakes and how to avoid them

§ Understand security testing approaches and methodologies

§ Get practical knowledge in using security testing techniques and tools

§ Learn how to handle vulnerabilities in the used platforms, frameworks and libraries

§ Get sources and further readings on secure coding practices

Prerequisites

Advanced C# and Web application development

Outline

§ IT security and secure coding

§ Web application security

§ Client-side security

§ Requirements of secure communication

§ Practical cryptography

§ Denial of service

§ .NET security architecture and services

§ Desktop application security

§ Data access security in .NET

§ Security of Web services

§ XML security

§ JSON security

§ Security protocols

§ ASP.NET security architecture

§ Common coding errors and vulnerabilities

§ Security testing

§ Security testing techniques

§ Deployment environment

§ Principles of security and secure coding

§ Knowledge sources